SlideShare a Scribd company logo

Data Analytics in Cyber Security

Download as PPTX, PDF
DNIF, profile picture
DNIF

The document discusses the integration of big data analytics in cyber security, highlighting current challenges and shortcomings of traditional security information and event management systems. It emphasizes the need for improved data processing capabilities, introducing concepts such as data pipelines and big data structures. The speaker, Shomiron Das Gupta, presents opportunities in the field, including managed security services and threat hunting.

Technology
Related topics:
Cyber-Security Information SecurityData Analytics Insights
1 of 13
Downloaded 13 times
1
2
3
4
Most read
5
Most read
6
7
Most read
8
9
10
11
12
13
© Copyright 2017 NETMONASTERY Inc Big Data Structures in the Cyber Security Puzzle 1 Shomiron DAS GUPTA, Founder, CEO NETMONASTERY Inc. Data Analytics in Cyber Security
© Copyright 2017 NETMONASTERY Inc Agenda … Setting Expectations! 2 NEXT 45 MINS 1. Cyber Security - How it works, today! 2. Data Analytics, the What and the Why 3. The Technical Aspects 4. The Pipeline 5. Opportunities - Gaps we’re aiming for 6. Demo
© Copyright 2017 NETMONASTERY Inc Hello, who is speaking? 3 Founder of NETMONASTERY, we built DNIF - An Integrated Threat Hunting Platform for the CSOC Research on Detection, Hunting and …. ML One of the few guys that does defense for a living GCIA 2000 - 18Yrs of Intrusion Detection, Handling WHAT I DO FOR A LIVING @shomiron
© Copyright 2017 NETMONASTERY Inc Cyber Security — The NUMBERS! 4 THE CURRENT WORLD CHALLENGES ■ Data growth 230% YoY ■ Mid Sized Enterprise - 30 TB Monthly ■ Enterprise Grade - 100+ TB Monthly ■ Government - 1.23 PB Monthly ■ Process, Percolation / Lag < 10s ■ Detect stuff we didn’t know about
© Copyright 2017 NETMONASTERY Inc Cyber Security Solutions — Where were we? 5 THE CURRENT WORLD Security Information and Event Management ■ It’s… last generation ■ Slow… can’t scale (database) ■ Rule based - KNOWN / KNOWNs ■ Beautiful UI - HiFi ■ Center of the Earth
© Copyright 2017 NETMONASTERY Inc 6 We FAIL* EVERYDAY!!
© Copyright 2017 NETMONASTERY Inc Data Analytics + Big Data Structures 7 AND THE MARRIAGE PARTY 1. Facets and dimensionality 2. Static / dynamic analytics 3. Why static is better 4. Then why are we doing dynamic? 5. The Marriage of Big Data with Analytics 6. Hadoop…. anybody?
© Copyright 2017 NETMONASTERY Inc Technical Aspects 8 HOW IT WORKS 1. Horizontal scaling - Speed 2. Pipeline, let’s revisit Hadoop? 3. Data preparation - Parsing / Annotation 4. Enrichment - localization for context 5. Plugin framework - SOAR - Enrich, Validate, Respond 6. AI / ML ;) 7. Platform + Content
© Copyright 2017 NETMONASTERY Inc 9 The PIPELINE DATA FLOW WITHIN COLLECT PARSE ANNOTATE ENRICH VISUALIZE CORRELATE INDEX VALIDATE RESPOND REMEDIATE
© Copyright 2017 NETMONASTERY Inc 10 The PIPELINE DATA FLOW WITHIN ADAPTER DATASTORE CORRELATOR
© Copyright 2017 NETMONASTERY Inc Talking about DNIF 11 AND COMPETITION 1. SIEM - ArcSight, QRadar 2. Splunk, ELK 3. Hadoop (Cloudera, Hortonworks), Tableau, HANA, Watson 4. Free Parsers, SOAR, Packages / Plugins 5. Power of Collaboration
© Copyright 2017 NETMONASTERY Inc Opportunities - Gaps we’re aiming for 12 THE BUSINESS ANGLE, YAY! 1. Managed Security Services 2. Threat Hunting 3. Managed Detection Response 4. SWIFT, IMPS, NEFT, CC, Exchange, Telecom Switching 5. The Data Lake Theory - WORKBENCH
Thank You Oh BTW We are hiring Write to us - hello@dnif.it 13

More Related Content

PPTX
Understanding cyber resilience
Christophe Foulon, CISSP
 
PPTX
AI and ML in Cybersecurity
Forcepoint LLC
 
PPTX
Artificial Intelligence and Cybersecurity
Olivier Busolini
 
PDF
IBM Qradar
Coenraad Smith
 
PDF
GENERATIVE AI, THE FUTURE OF PRODUCTIVITY
Andre Muscat
 
PPSX
Next-Gen security operation center
Muhammad Sahputra
 
PPTX
Cyber attacks and IT security management in 2025
Radar Cyber Security
 
PPTX
AI and the Impact on Cybersecurity
Graham Mann
 
Understanding cyber resilience
Christophe Foulon, CISSP
 
AI and ML in Cybersecurity
Forcepoint LLC
 
Artificial Intelligence and Cybersecurity
Olivier Busolini
 
IBM Qradar
Coenraad Smith
 
GENERATIVE AI, THE FUTURE OF PRODUCTIVITY
Andre Muscat
 
Next-Gen security operation center
Muhammad Sahputra
 
Cyber attacks and IT security management in 2025
Radar Cyber Security
 
AI and the Impact on Cybersecurity
Graham Mann
 

What's hot (20)

PDF
Cyber security career development paths
Chelsea Jarvie
 
PDF
Security Automation and Machine Learning
Siemplify
 
PDF
Upgrade Your SOC with Cortex XSOAR & Elastic SIEM
Elasticsearch
 
PPTX
Crowdstrike .pptx
uthayakumar174828
 
PDF
AI & ML in Cyber Security - Why Algorithms are Dangerous
Raffael Marty
 
PPTX
Building the High Speed Cybersecurity Data Pipeline Using Apache NiFi
DataWorks Summit
 
PDF
Mapping ATT&CK Techniques to ENGAGE Activities
MITRE ATT&CK
 
PDF
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
PDF
Cyber Resilience
Ian-Edward Stafrace
 
PPTX
How is ai important to the future of cyber security
Robert Smith
 
PPTX
Use of Artificial Intelligence in Cyber Security - Avantika University
Avantika University
 
PDF
AI: The New Player in Cybersecurity (Nov. 08, 2023)
Takeshi Takahashi
 
PDF
Cyber Threat Intelligence
mohamed nasri
 
PDF
SIEM Architecture
Nishanth Kumar Pathi
 
PDF
Combating Cyber Security Using Artificial Intelligence
Inderjeet Singh
 
PDF
Elastic Security Brochure
Joseph DeFever
 
PDF
Secure Your Data with Fidelis Network® for DLP
Fidelis Cybersecurity
 
PDF
Zero Trust : How to Get Started
EyesOpen Association
 
PPTX
Generative AI, WiDS 2023.pptx
Colleen Farrelly
 
PDF
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Raffael Marty
 
Cyber security career development paths
Chelsea Jarvie
 
Security Automation and Machine Learning
Siemplify
 
Upgrade Your SOC with Cortex XSOAR & Elastic SIEM
Elasticsearch
 
Crowdstrike .pptx
uthayakumar174828
 
AI & ML in Cyber Security - Why Algorithms are Dangerous
Raffael Marty
 
Building the High Speed Cybersecurity Data Pipeline Using Apache NiFi
DataWorks Summit
 
Mapping ATT&CK Techniques to ENGAGE Activities
MITRE ATT&CK
 
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
Cyber Resilience
Ian-Edward Stafrace
 
How is ai important to the future of cyber security
Robert Smith
 
Use of Artificial Intelligence in Cyber Security - Avantika University
Avantika University
 
AI: The New Player in Cybersecurity (Nov. 08, 2023)
Takeshi Takahashi
 
Cyber Threat Intelligence
mohamed nasri
 
SIEM Architecture
Nishanth Kumar Pathi
 
Combating Cyber Security Using Artificial Intelligence
Inderjeet Singh
 
Elastic Security Brochure
Joseph DeFever
 
Secure Your Data with Fidelis Network® for DLP
Fidelis Cybersecurity
 
Zero Trust : How to Get Started
EyesOpen Association
 
Generative AI, WiDS 2023.pptx
Colleen Farrelly
 
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Raffael Marty
 
Ad

Similar to Data Analytics in Cyber Security (20)

PPTX
Big Data Impacts on Hybrid Infrastructure and Management
Enterprise Management Associates
 
PPTX
Mastering Next Gen SIEM Use Cases (Part 3)
DNIF
 
PDF
Mastering next gen-siem-usecases-part1
Priyanka Aash
 
PPTX
Crisis-Ready Crisis-Proof IT Infrastructure for the New Normal
Kalin Hitrov
 
PDF
IOT_MODULE_4.pd easy to understand notes
shreyarrce
 
PPTX
Big Data Presentation - Data Center Dynamics Sydney 2014 - Dez Blanchfield
Dez Blanchfield
 
PDF
The Rise of Big Data and the Chief Data Officer (CDO)
gcharlesj
 
PPTX
Big data analytics and machine intelligence v5.0
Amr Kamel Deklel
 
PDF
Big Data Science Workshop Documentation V1.0
Abdelrahman Astro
 
PPTX
Big Data Expo 2015 - IBM 5 predictions
BigDataExpo
 
PDF
SuanIct-Bigdata desktop-final
stelligence
 
PDF
Workshop on Data Science at Best Practices Meet 2017, Data Security Council o...
Shomiron Das Gupta
 
PDF
Aioug big data and hadoop
AiougVizagChapter
 
PPTX
Big Data and Semantic Web in Manufacturing
Nitesh Khilwani
 
PDF
History of Data-Centric Transformation
scoopnewsgroup
 
PPT
Óscar Méndez - Big data: de la investigación científica a la gestión empresarial
Fundación Ramón Areces
 
PPTX
Cloud Revolution Conitnues
Patrick J McCartney
 
PPTX
Big Data Past, Present and Future – Where are we Headed? - StampedeCon 2014
StampedeCon
 
PPTX
Intro big data analytics
Hagar Alaa el-din
 
PDF
Random notes on big data
Jay Wu
 
Big Data Impacts on Hybrid Infrastructure and Management
Enterprise Management Associates
 
Mastering Next Gen SIEM Use Cases (Part 3)
DNIF
 
Mastering next gen-siem-usecases-part1
Priyanka Aash
 
Crisis-Ready Crisis-Proof IT Infrastructure for the New Normal
Kalin Hitrov
 
IOT_MODULE_4.pd easy to understand notes
shreyarrce
 
Big Data Presentation - Data Center Dynamics Sydney 2014 - Dez Blanchfield
Dez Blanchfield
 
The Rise of Big Data and the Chief Data Officer (CDO)
gcharlesj
 
Big data analytics and machine intelligence v5.0
Amr Kamel Deklel
 
Big Data Science Workshop Documentation V1.0
Abdelrahman Astro
 
Big Data Expo 2015 - IBM 5 predictions
BigDataExpo
 
SuanIct-Bigdata desktop-final
stelligence
 
Workshop on Data Science at Best Practices Meet 2017, Data Security Council o...
Shomiron Das Gupta
 
Aioug big data and hadoop
AiougVizagChapter
 
Big Data and Semantic Web in Manufacturing
Nitesh Khilwani
 
History of Data-Centric Transformation
scoopnewsgroup
 
Óscar Méndez - Big data: de la investigación científica a la gestión empresarial
Fundación Ramón Areces
 
Cloud Revolution Conitnues
Patrick J McCartney
 
Big Data Past, Present and Future – Where are we Headed? - StampedeCon 2014
StampedeCon
 
Intro big data analytics
Hagar Alaa el-din
 
Random notes on big data
Jay Wu
 
Ad

More from DNIF (15)

PPTX
Beyond blacklists - A cyber threat intelligence perspective
DNIF
 
PPTX
Insight into SOAR
DNIF
 
PPTX
A closer look at CTF challenges
DNIF
 
PDF
Threat Intelligence and Cyber Security Challenges | KASPERSKY & DNIF INTEGRATION
DNIF
 
PPTX
CVE Analysis using vFeed
DNIF
 
PDF
Container Security Essentials
DNIF
 
PDF
Importance of having a vulnerability management | Vfeed
DNIF
 
PPTX
Anatomy of Persistence Techniques & Strategies to Detect
DNIF
 
PPTX
User Behavior Analytics Using Machine Learning
DNIF
 
PPTX
Process Whitelisting With VirusTotal
DNIF
 
PPTX
VirusTotal Threat Intelligence and DNIF Use Cases
DNIF
 
PPTX
Threat hunting and achieving security maturity
DNIF
 
PPTX
Kaspersky Threat Intelligence Portal and DNIF Use Cases
DNIF
 
PPTX
Mastering Next Gen SIEM Use Cases (Part 2)
DNIF
 
PPTX
Mastering Next Gen SIEM Use Cases (Part 1)
DNIF
 
Beyond blacklists - A cyber threat intelligence perspective
DNIF
 
Insight into SOAR
DNIF
 
A closer look at CTF challenges
DNIF
 
Threat Intelligence and Cyber Security Challenges | KASPERSKY & DNIF INTEGRATION
DNIF
 
CVE Analysis using vFeed
DNIF
 
Container Security Essentials
DNIF
 
Importance of having a vulnerability management | Vfeed
DNIF
 
Anatomy of Persistence Techniques & Strategies to Detect
DNIF
 
User Behavior Analytics Using Machine Learning
DNIF
 
Process Whitelisting With VirusTotal
DNIF
 
VirusTotal Threat Intelligence and DNIF Use Cases
DNIF
 
Threat hunting and achieving security maturity
DNIF
 
Kaspersky Threat Intelligence Portal and DNIF Use Cases
DNIF
 
Mastering Next Gen SIEM Use Cases (Part 2)
DNIF
 
Mastering Next Gen SIEM Use Cases (Part 1)
DNIF
 

Recently uploaded (20)

PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Heart disease approach using modified random forest and particle swarm optimi...
IAESIJAI
 
PPTX
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
PPTX
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
PDF
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PDF
Getting Started with Data Integration: FME Form 101
Safe Software
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PPTX
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 
PPTX
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
Encapsulation theory and applications.pdf
gurumoop
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Heart disease approach using modified random forest and particle swarm optimi...
IAESIJAI
 
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
Getting Started with Data Integration: FME Form 101
Safe Software
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 

Data Analytics in Cyber Security

  • 1. © Copyright 2017 NETMONASTERY Inc Big Data Structures in the Cyber Security Puzzle 1 Shomiron DAS GUPTA, Founder, CEO NETMONASTERY Inc. Data Analytics in Cyber Security
  • 2. © Copyright 2017 NETMONASTERY Inc Agenda … Setting Expectations! 2 NEXT 45 MINS 1. Cyber Security - How it works, today! 2. Data Analytics, the What and the Why 3. The Technical Aspects 4. The Pipeline 5. Opportunities - Gaps we’re aiming for 6. Demo
  • 3. © Copyright 2017 NETMONASTERY Inc Hello, who is speaking? 3 Founder of NETMONASTERY, we built DNIF - An Integrated Threat Hunting Platform for the CSOC Research on Detection, Hunting and …. ML One of the few guys that does defense for a living GCIA 2000 - 18Yrs of Intrusion Detection, Handling WHAT I DO FOR A LIVING @shomiron
  • 4. © Copyright 2017 NETMONASTERY Inc Cyber Security — The NUMBERS! 4 THE CURRENT WORLD CHALLENGES ■ Data growth 230% YoY ■ Mid Sized Enterprise - 30 TB Monthly ■ Enterprise Grade - 100+ TB Monthly ■ Government - 1.23 PB Monthly ■ Process, Percolation / Lag < 10s ■ Detect stuff we didn’t know about
  • 5. © Copyright 2017 NETMONASTERY Inc Cyber Security Solutions — Where were we? 5 THE CURRENT WORLD Security Information and Event Management ■ It’s… last generation ■ Slow… can’t scale (database) ■ Rule based - KNOWN / KNOWNs ■ Beautiful UI - HiFi ■ Center of the Earth
  • 6. © Copyright 2017 NETMONASTERY Inc 6 We FAIL* EVERYDAY!!
  • 7. © Copyright 2017 NETMONASTERY Inc Data Analytics + Big Data Structures 7 AND THE MARRIAGE PARTY 1. Facets and dimensionality 2. Static / dynamic analytics 3. Why static is better 4. Then why are we doing dynamic? 5. The Marriage of Big Data with Analytics 6. Hadoop…. anybody?
  • 8. © Copyright 2017 NETMONASTERY Inc Technical Aspects 8 HOW IT WORKS 1. Horizontal scaling - Speed 2. Pipeline, let’s revisit Hadoop? 3. Data preparation - Parsing / Annotation 4. Enrichment - localization for context 5. Plugin framework - SOAR - Enrich, Validate, Respond 6. AI / ML ;) 7. Platform + Content
  • 9. © Copyright 2017 NETMONASTERY Inc 9 The PIPELINE DATA FLOW WITHIN COLLECT PARSE ANNOTATE ENRICH VISUALIZE CORRELATE INDEX VALIDATE RESPOND REMEDIATE
  • 10. © Copyright 2017 NETMONASTERY Inc 10 The PIPELINE DATA FLOW WITHIN ADAPTER DATASTORE CORRELATOR
  • 11. © Copyright 2017 NETMONASTERY Inc Talking about DNIF 11 AND COMPETITION 1. SIEM - ArcSight, QRadar 2. Splunk, ELK 3. Hadoop (Cloudera, Hortonworks), Tableau, HANA, Watson 4. Free Parsers, SOAR, Packages / Plugins 5. Power of Collaboration
  • 12. © Copyright 2017 NETMONASTERY Inc Opportunities - Gaps we’re aiming for 12 THE BUSINESS ANGLE, YAY! 1. Managed Security Services 2. Threat Hunting 3. Managed Detection Response 4. SWIFT, IMPS, NEFT, CC, Exchange, Telecom Switching 5. The Data Lake Theory - WORKBENCH
  • 13. Thank You Oh BTW We are hiring Write to us - hello@dnif.it 13